<?php
/*

Version 0.1
SEMF - Web Desiging Framework for Sport Event Managment
Copyright (C) 2006, SEMF Developers

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA

*/
//keep user_token all the time..
include_once("SEMF_consts.php");

$user_token = $_GET["user_token"];
if(!isset($user_token))
{
	$user_token= $_POST["user_token"];
}

include_once($semf_root."core/lib/login_util.php");

if(!isset($project_dir))
{
	$doc = new DOMDocument();
	$semf_xml = $semf_root."conf/semf.xml";
	$doc->load($semf_xml);//load from semf_xml
	$project_elements = $doc->documentElement->childNodes;
	
	foreach($project_elements as $project_element)
	{
		$project_name = $project_element->getAttribute("name");
		$child_nodes = $project_element->childNodes;
		
		foreach($child_nodes as $child_node)
		{
			if($child_node->tagName == "dir")
			{
				$project_dir = getNodeValue($child_node);
			}
		}
		break;
	}
}

$db_info = get_database_info($semf_root.$project_dir);

$db_name = $db_info["db_name"];
$db_server = $db_info["db_server"];
$db_password = $db_info["db_password"];

//retriving the information from the server.
$link = mysql_connect($db_server, 'root', $db_password);
if(!$link || !mysql_select_db($db_name))
{
	die("Error in connecting to ".$db_server." or selecting database". $db_name);
}
if(!isset($user_token))
{
	goto_login($semf_root, $project_name, $project_dir, "Login as an Adminstrator", $from_url, $from_parent);
}
//check for the user name token..
$query = "SELECT id, timeStamp FROM System_Administrator WHERE ".
			"userToken = '".$user_token."'";

$result = mysql_query($query) or die("Error in query: $query ".mysql_error());

if(mysql_num_rows($result) ==  0)
{
	goto_login($semf_root, $project_name, $project_dir, "Login as an Administrator", $from_url, $from_parent);
}

//check the timestamp..
if($row = mysql_fetch_row($result)) 
{
	$id = $row[0];
	$timeStamp = $row[1];
	$currentTimeStamp = time();
	
	if($currentTimeStamp - $timeStamp > $SESSION_LIMIT * 60)
	{
		//just invalidate the session..
		goto_login($semf_root, $project_name, $project_dir, "Your session is expired", $from_url, $from_parent);
	}
	//else update the currentTimeStamp..
	
	$query = "UPDATE System_Administrator SET ".
											"timeStamp = '".$currentTimeStamp. "' ".
											"WHERE id = ".$id;
											
											//echo $query;
	
	$result = mysql_query($query) or die("Error in query: $query ".mysql_error());	
}
mysql_close($link);


function goto_login($semf_root, $project_name, $project_dir, $message, $from_url, $from_parent)
{
	/*$relative_url = $semf_root."core/login.php?".
				"project_name=".$project_name."&".
				"project_dir=".$project_dir."&".
				"from_url=".$from_url."&".
				"msg=".$message;
					
	header("Location: http://" . $_SERVER['HTTP_HOST']
	 . dirname($_SERVER['PHP_SELF'])
	 . "/" . $relative_url); */
	 
	 $args = array(	"project_name"=> $project_name,
	 				"project_dir"=> $project_dir,
					"from_url"=> $from_url,
					"msg"=> $message);
	 createSubmitPage($semf_root."core/login.php", $args, $from_parent);
	 exit();
}
?>
